Information About Virtual Service Blades

The modules (VSM, NAM, VSG, DCNM) hosted, created, and managed by the Cisco Nexus 1010 product family are called virtual service blades (VSBs). VSBs are created using ISO or OVA files found in the Cisco Nexus 1010 bootflash repository. The ISO or OVA defines the following for a VSB:

Cisco Nexus 1000V VSM Virtual Service Blade

The Cisco Nexus 1010 can host up to six VSMs and the Cisco Nexus 1010-X can host up to ten VSMs, each controlling a group of virtual Ethernet modules (VEMs). From a network management perspective, a VSM and its VEMs make up a virtual switch; and the Cisco Nexus 1010 and the multiple virtual switches it hosts are viewed as a cluster of switches.

You can create redundant virtual supervisor modules (VSMs) on the Cisco Nexus 1010 product family with the Cisco Nexus 1000V ISO or OVA image located in bootflash. The image is copied to a new VSB when you create it. Once you have created the first VSM, you can point to that software image to create additional VSMs. You can upgrade your VSMs to a new release of Cisco Nexus 1000V software as needed.

VSM Management VLAN

The Cisco Nexus 1010 and its hosted Cisco Nexus 1000V VSMs share the same management VLAN in static topology. Unlike the control and packet VLANs which are set when a VSB is created, the management VLAN is inherited. In a static topology, the management VLAN on a VSB cannot be changed. Since the management VLAN is inherited from the Cisco Nexus 1010, if you change management VLAN for Cisco Nexus 1010, then the change is applied to both the Cisco Nexus 1010 and all of its hosted Cisco Nexus 1000V VSMs in next reload.

However, this constraint does not exist in flexible topology and the management VLAN of a VSB can be different from the Cisco Nexus 1010 host.

VSM High Availability

High availability is configured for the redundant VSB pairs that you create on the Cisco Nexus 1010.

Not all VSBs are active on the active Cisco Nexus 1010. As long as there is connectivity between the active and standby Cisco Nexus 1010, access through a serial connection is maintained to any VSB. When one Cisco Nexus 1010 fails, the remaining Cisco Nexus 1010 becomes active and all VSBs in the standby state on that Cisco Nexus 1010 become active on their own.

A VSB can be removed completely from both redundant Cisco Nexus 1010s, or from only one. If one of a redundant pair of VSBs becomes unusable, it can be removed from only the Cisco Nexus 1010 where it resides. This mitigates the recovery by preserving the remaining VSB in the pair. This may become necessary if a new instance of the VSM must be provisioned.

For more information about VSM high availability, see the Cisco Nexus 1000V High Availability and Redundancy Configuration Guide, Release 4.2(1)SV1(5.1).

Cisco Network Analysis Module Virtual Service Blade

You can create one network analysis module (NAM) on the Cisco Nexus 1010 or Cisco Nexus 1010-X with the NAM ISO image in the Cisco Nexus 1010 bootflash. The image is copied to a new NAM VSB when you create it.

For more information about NAM, see the Cisco Network Analysis Module Software Documentation Guide, 4.2.

Cisco Virtual Security Gateway Module Virtual Service Blade

You can create up to three virtual security gateway (VSG) modules on the Cisco Nexus 1010 or Cisco Nexus 1010-X with the VSG ISO image. You can copy the VSG ISO image from the following link and then copy it to the new VSG VSB when you create it.

You can create one data center network manager module (DCNM) on the Cisco Nexus 1010 or Cisco Nexus 1010-X with the DCNM ISO image in the Cisco Nexus 1010 bootflash. The image is copied to a new DCNM VSB when you create it.

For more information about installing DCNM on Cisco Nexus 1010, see the Cisco DCNM Installation and Licensing Guide, Release 5.x.

Guidelines and Limitations

The following are guidelines and limitations to use when configuring virtual service blades:

•Unlike the control and packet VLANs which are set when a virtual service blade is created, a virtual service blade inherits its management VLAN from the Cisco Nexus 1010.

Caution Do not change the management VLAN on a virtual service blade. Since the management VLAN is inherited from the Cisco Nexus 1010, if you change it, then the change is applied to both the Cisco Nexus 1010 and all of its hosted Cisco Nexus 1000V VSMs.

•If you are using an ISO file from bootflash repository or downloaded, you know the filename.

•If you are using an ISO file from an existing virtual service blade, you know the name of the virtual service blade type. This procedure includes information about identifying this name.

•You know the following properties for the virtual service blade:

–Domain ID

–Management IP address

–Management subnet mask length

–Default gateway IPV4 address

–Switchname

–Administrator password

–Control and packet VLAN IDs

•This procedure shows you how to identify and assign control and packet VLANs for the virtual service blade. Do not assign a management VLAN because the management VLAN is inherited from the Cisco Nexus 1010.

----------------------------------------------------------------------------------------- VsbEthernet1/1 control 423 up up Po1 Po1

VsbEthernet1/2 management 231 up up Po1 Po1

VsbEthernet1/3 packet 423 up up Po1 Po1

internal NA NA up up

HA Role: Primary

HA Status: ACTIVE

Status: VSB POWERED ON

Location: PRIMARY

SW version: 4.2(1)SV1(4a)

HA Role: Secondary

HA Status: STANDBY

Status: VSB POWERED ON

Location: SECONDARY

SW version: 4.2(1)SV1(4a)

VSB Info:

Domain ID : 441

switch(config-vsb-config)#

switch# switch(config-vsb-config)#

Step 11

copy running-config startup-config

Example:

switch(config-vsb-config)# copy running-config startup-config

Saves the running configuration persistently through reboots and restarts by copying it to the startup configuration.

Deleting a Virtual Service Blade

Use this procedure to delete a virtual service blade, such as a VSM or NAM.

BEFORE YOU BEGIN

Before beginning this procedure, you must know or do the following:

•You are logged in to the CLI in EXEC mode.

•You know the name of the virtual service blade you are deleting.

•You must shut down the virtual service blade before it can be deleted. This procedure includes instructions for shutting down the virtual service blade.

•A virtual service blade can be removed completely from both redundant Cisco Nexus 1010s, or from only one. If one of a redundant pair of virtual service blade blades becomes unusable, it can be removed from only the Cisco Nexus 1010 where it resides. This mitigates the recovery by preserving the remaining virtual service blade in the pair. This may become necessary if a new instance of the service must be provisioned.

SUMMARY STEPS

1. config t

2. virtual-service-blade name

3. shutdown

4. show virtual-service-blade summary

5. One of the following:

–no virtual-service-blade name

–no enable

6. show virtual-service-blade summary

7. copy running-config startup-config

DETAILED STEPS

Command

Purpose

Step 1

config t

Example:

switch# config t

switch(config)#

Places you in the CLI Global Configuration mode.

Step 2

virtual-service-bladename

Example:

switch(config)# virtual-service-blade vsm-5

switch(config-vsb-config)#

Places you into configuration mode for the named virtual service blade.

•no virtual-service-blade: Removes the virtual service blade in its entirety from the Cisco Nexus 1010.

•no enable: Removes the specified virtual service blade from the system but retains the infrastructure configuration (interface VLANs, RAM size, disk size overrides) in Cisco Nexus 1010. Use this command to delete only one virtual service blade in a pair (primary or secondary).

Step 6

show virtual-service-blade summary

Displays a summary of services for verification of the removal.

Step 7

copy running-config startup-config

Example:

switch(config)# copy running-config startup-config

Saves the running configuration persistently through reboots and restarts by copying it to the startup configuration.

Modifying a Virtual Service Blade

Use this section to modify the control VLAN, packet VLAN, or the RAM size of a virtual service blade and then make the corresponding changes to the VSM.

Modifying a Virtual Service Blade on the Cisco Nexus 1010

Use this procedure to modify the control VLAN, packet VLAN, or the RAM size of a virtual service blade.

BEFORE YOU BEGIN

Before beginning this procedure, you must know or do the following:

•You are logged in to the CLI in EXEC mode.

•You know the name of the virtual service blade you are modifying.

•You must shut down the virtual service blade before modifying the RAM size. This procedure includes instructions for shutting down the virtual service blade.

•You must shut down the virtual service blade before modifying the control VLAN. This procedure includes instructions for shutting down the virtual service blade.

Caution The VSM must be in the shut state before modifying the control VLAN to preserve high availability when the service comes back. The control VLAN passes control messages to the standby VSM.

•You change the configuration first in the virtual service blade configuration and, then, in the Cisco Nexus 1000V VSM configuration. This procedure changes the virtual service blade configuration. To change the Cisco Nexus 1000V configuration, see the "Modifying a VSM on the Cisco Nexus 1000V" procedure.

Caution Do not modify the management VLAN. If you change the management VLAN, the change is applied to both the Cisco Nexus 1010 and all of the Cisco Nexus 1000V VSMs. The Cisco Nexus 1010 and its hosted Cisco Nexus 1000V VSMs share the same management VLAN. Unlike the control and packet VLANs which are set when a virtual service blade is created, the management VLAN is inherited.

SUMMARY STEPS

1. config t

2. virtual-service-blade name

3. Do one of the following:

–If you are modifying the ram size or the control VLAN, then continue with the next step.

–Otherwise, go to Step 6.

4. shutdown

5. show virtual-service-blade summary

6. One of the following:

–ramsize size

–interface control vlan vlanid

–interface control vlan vlanid

7. no shutdown

8. show virtual-service-blade name name

9. copy running-config startup-config

DETAILED STEPS

Command

Purpose

Step 1

config t

Example:

switch# config t

switch(config)#

Places you in the CLI Global Configuration mode.

Step 2

virtual-service-blade name

Example:

switch(config)# virtual-service-blade vsm-5

switch(config-vsb-config)#

Places you into configuration mode for the named virtual service blade.

Step 3

Do one of the following:

•If you are modifying the RAM size or the control VLAN, then continue with the next step.

Modifying a VSM on the Cisco Nexus 1000V

Use this procedure to modify the control VLAN ID, packet VLAN ID, or RAM size in the VSM configuration on the Cisco Nexus 1000V.

BEFORE YOU BEGIN

Before beginning this procedure, you must know or do the following:

•You are logged in to the CLI in EXEC mode.

•You know the name of the VSM you are modifying.

•You change the configuration first in the Cisco Nexus 1010 virtual service blade configuration and, then, in the Cisco Nexus 1000V VSM configuration. This procedure changes the Cisco Nexus 1000V VSM configuration. To change the Cisco Nexus 1010 virtual service blade configuration, see the "Modifying a Virtual Service Blade on the Cisco Nexus 1010" procedure.

Caution Do not modify the management VLAN. If you change the management VLAN, the change is applied to both the Cisco Nexus 1010 and all of the Cisco Nexus 1000V VSMs. The Cisco Nexus 1010 and its hosted Cisco Nexus 1000V VSMs share the same management VLAN. Unlike the control and packet VLANs which are set when a virtual service blade is created, the management VLAN is inherited.

SUMMARY STEPS

1. login virtual-service-blade vb6

2. login

3. password

4. show svs domain

5. config t

6. svs-domain

7. control vlan vlanid

8. packet vlan vlanid

9. show svs domain

10. copy running-config startup-config

11. Ctrl \

12. close

DETAILED STEPS

Command

Purpose

Step 1

login virtual-service-blade vb6

Logs you into the Cisco Nexus 1000V CLI for the VSM you are modifying.

Step 2

login

Authenticates your user ID.

Step 3

password

Authenticates your password.

Example:

N1010-1# login virtual-service-blade 1

Telnet escape character is '^\'.

Trying 192.168.0.18...

Connected to 192.168.0.18.

Escape character is '^\'.

User Access Verification

n1010-vsm1 login:

password:

Step 4

show svs domain

n1000v# show svs domain

SVS domain config:

Domain id: 100

Control vlan: 1114

Packet vlan: 1115

L2/L3 Control mode: L2

L3 control interface: NA Status:
Config push to VC successful.

n1000v#

Displays the domain configuration for the VSM.

Step 5

config t

Example:

n1000v# config t

n1000v(config)#

Places you in the CLI Global Configuration mode.

Step 6

svs-domain

Example:

n1000v(config)# svs domain

n1000v(config-svs-domain)#

Places you into SVS Domain Configuration mode.

Step 7

control vlan vlanid

Example:

n1000v(config-svs-domain)# control vlan 1116

n1000v(config-svs-domain)#

Modifies the VLAN ID of the VSM domain control VLAN.

Step 8

packet vlan vlanid

Example:

n1000v(config-svs-domain)# packet vlan 1117

n1000v(config-svs-domain)#

Modifies the VLAN ID of the VSM domain packet VLAN.

Step 9

show svs domain

Example:

n1000v(config-svs-domain)# show svs domain

SVS domain config:

Domain id: 100

Control vlan: 1116

Packet vlan: 1117

L2/L3 Aipc mode: L2

L2/L3 Aipc interface: mgmt0

Status: Config push to VC successful.

n1000v(config-svs-domain)#

Displays the domain configuration for verification of the changes.

Step 10

copy running-config startup-config

Example:

n1000v(config-svs-domain)# copy running-config startup-config

n1000v(config-svs-domain)#

Saves the running configuration persistently through reboots and restarts by copying it to the startup configuration.

Step 11

Press the Ctrl key and \ key

Example:

n1000v(config-svs-domain)# Ctrl \

Telnet>

Exits from the SVS Domain Configuration mode and returns you to a Telnet prompt.

Step 12

close

Example:

Telnet> close

switch#

Closes the Telnet session and returns you to EXEC mode on the Cisco Nexus 1010.

Step 13

You have completed this procedure.

Verifying the Virtual Service Blade Configuration

To verify the virtual service blade configuration, use the following commands: